On Wed, May 30, 2012 at 4:20 PM, Todd Heberlein <[email protected]> wrote: > > On May 30, 2012, at 4:53 AM, Stephane Sudre wrote: > >> It's allowed. IIRC, when the helper app is launched from the main >> application, it inherits the entitlements/restrictions of its parent. > > I thought (and I'm barely getting up to speed on this) if the program was > launched as an NSTask, it would inherit the entitlements & container of the > parent. If it was launched as an XPC service it would have its own > entitlements and container. > > But… if the program is launched from a Terminal window or by launchd (e.g., > scheduled to run at midnight), what then? Does it run like a normal UNIX > program with no sandboxing? What if this UNIX helper app is copied to a > different directory? Does Apple forbid a program from MAS that can be > launched this way or if the developer induces its users to run it this way?
I would believe this is the same case as for code-signing. Every executable must define its entitlements. _______________________________________________ Cocoa-dev mailing list ([email protected]) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [email protected]
